How?
The concept of red teaming, or threat-intelligence-led penetration testing, is to undertake more realistic and specific threat-based assessments of an organisation, typically over a longer period.
The approach involves simulation of a more sophisticated attack, combining a range of attack vectors, such as:
- Social engineering
- Phishing / spear phishing
- Malware deployment
- Traditional penetration testing
- War dialling
- Exfiltration of data
Engagements are planned and executed together with the client, making use of either the client’s threat-based intelligence or third party threat intelligence. Commissum can conduct specific intelligence gathering for an assignment if neither of these sources is available to the client.
Scenarios test more than technology defences, providing an evaluation of detection and incident response capabilities.
Typical engagements include:
- Initial planning with client
- Intelligence gathering and collation of client, third party and Commissum intelligence inputs
- Risk assessment – essential to ensure the realism of testing does not interrupt business operations unduly, and assessing the appetite for potential consequential risk
- Agreement of measurement criteria for internal detection and response processes and assessment of the maturity of the organisation’s ability to deal with sophisticated attacks
- Agreement of “fast-forward” criteria where phases may be curtailed to maintain momentum and time efficiency
- Phased execution with agreed review points
- Internal escalation of malware deployment / penetration
- Data exfiltration
- Wash-up meetings held as agreed during the testing, and a workshop session following the delivery of the report
Our personnel are experienced in delivering such services across a range of sectors, with the skills and knowledge required to undertake the intellectually demanding and sometimes technically difficult tasks required, within time constraints, while minimising any actual risk to client systems.